Refactor reading logic

app/routes/reading.py

@@ -7,92 +7,72 @@ from datetime import datetime
 
 reading = Blueprint('reading', __name__)
 
+def get_user_timezone():
+    """Fetch the user's timezone, defaulting to UTC."""
+    return timezone(current_user.profile.timezone if current_user.profile and current_user.profile.timezone else 'UTC')
+
+def localize_timestamp(timestamp, user_tz):
+    """Convert a UTC timestamp to the user's local timezone."""
+    return utc.localize(timestamp).astimezone(user_tz)
+
+def save_reading_from_form(reading, form, user_tz):
+    """Update a reading with form data and convert the timestamp to UTC."""
+    local_timestamp = form.timestamp.data
+    reading.timestamp = user_tz.localize(local_timestamp.replace(tzinfo=None)).astimezone(utc)
+    reading.systolic = form.systolic.data
+    reading.diastolic = form.diastolic.data
+    reading.heart_rate = form.heart_rate.data
+    db.session.commit()
+
 @reading.route('/add', methods=['GET', 'POST'])
 @login_required
 def add_reading():
     form = ReadingForm()
+    user_tz = get_user_timezone()
+
     if form.validate_on_submit():
         new_reading = Reading(
             user_id=current_user.id,
-            timestamp=form.timestamp.data,
+            timestamp=user_tz.localize(form.timestamp.data.replace(tzinfo=None)).astimezone(utc),
             systolic=form.systolic.data,
             diastolic=form.diastolic.data,
-            heart_rate=form.heart_rate.data
+            heart_rate=form.heart_rate.data,
         )
         db.session.add(new_reading)
         db.session.commit()
         flash("Reading added successfully.", "success")
         return redirect(url_for('main.dashboard'))
-    
-    # Fetch the user's timezone (default to 'UTC' if none is set)
-    user_timezone = current_user.profile.timezone if current_user.profile and current_user.profile.timezone else 'UTC'
-    local_tz = timezone(user_timezone)
 
-    form.timestamp.data = utc.localize(datetime.utcnow()).astimezone(local_tz)
+    form.timestamp.data = localize_timestamp(datetime.utcnow(), user_tz)
     return render_template('reading/add_reading.html', form=form)
 
 @reading.route('/<int:reading_id>/edit', methods=['GET', 'POST'])
 @login_required
 def edit_reading(reading_id):
-    reading = Reading.query.get_or_404(reading_id)
+    reading = Reading.query.filter_by(id=reading_id, user_id=current_user.id).first_or_404()
-    
+    user_tz = get_user_timezone()
-    # Ensure the reading belongs to the logged-in user
-    if reading.user_id != current_user.id:
-        flash('You are not authorized to edit this reading.', 'danger')
-        return redirect(url_for('main.dashboard'))
-    
-    # Fetch the user's timezone (default to 'UTC' if none is set)
-    user_timezone = current_user.profile.timezone if current_user.profile and current_user.profile.timezone else 'UTC'
-    local_tz = timezone(user_timezone)
 
-    reading.local_timestamp = utc.localize(reading.timestamp).astimezone(local_tz)
+    form = ReadingForm(obj=reading)
+    form.timestamp.data = localize_timestamp(reading.timestamp, user_tz)
 
-    form = ReadingForm(obj=reading)  # Populate form with existing reading data
-    form.timestamp.data = reading.local_timestamp
     if form.validate_on_submit():
-        # Convert the local timestamp back to UTC for saving
+        save_reading_from_form(reading, form, user_tz)
-        local_timestamp = form.timestamp.data
-        # Ensure the local timestamp is naive before localizing
-        if local_timestamp.tzinfo is not None:
-            local_timestamp = local_timestamp.replace(tzinfo=None)
-
-        reading.timestamp = local_tz.localize(local_timestamp).astimezone(utc)
-
-        reading.systolic = form.systolic.data
-        reading.diastolic = form.diastolic.data
-        reading.heart_rate = form.heart_rate.data
-        db.session.commit()
         flash('Reading updated successfully!', 'success')
         return redirect(url_for('main.dashboard'))
 
     return render_template('reading/edit_reading.html', form=form, reading=reading)
 
-@reading.route('/<int:reading_id>/confirm_delete', methods=['GET', 'POST'])
+@reading.route('/<int:reading_id>/confirm_delete', methods=['GET'])
 @login_required
 def confirm_delete(reading_id):
-    # Fetch the reading to confirm deletion
     reading = Reading.query.filter_by(id=reading_id, user_id=current_user.id).first_or_404()
 
-    if request.method == 'POST':
-        # Handle deletion
-        db.session.delete(reading)
-        db.session.commit()
-        flash('Reading deleted successfully!', 'success')
-        return redirect(url_for('main.dashboard'))
-
     return render_template('reading/confirm_delete.html', reading=reading)
 
-
 @reading.route('/<int:reading_id>/delete', methods=['POST'])
 @login_required
 def delete_reading(reading_id):
-    reading = Reading.query.get_or_404(reading_id)
+    reading = Reading.query.filter_by(id=reading_id, user_id=current_user.id).first_or_404()
-
-    # Ensure the reading belongs to the logged-in user
-    if reading.user_id != current_user.id:
-        flash('You are not authorized to delete this reading.', 'danger')
-        return redirect(url_for('main.dashboard'))
-
     db.session.delete(reading)
     db.session.commit()
     flash('Reading deleted successfully!', 'success')

app/templates/reading/confirm_delete.html

@@ -29,7 +29,7 @@
                 class="px-4 py-2 bg-gray-300 text-gray-700 rounded hover:bg-gray-400">
                 Cancel
             </a>
-            <form method="POST" action="{{ url_for('reading.confirm_delete', reading_id=reading.id) }}">
+            <form method="POST" action="{{ url_for('reading.delete_reading', reading_id=reading.id) }}">
                 <button type="submit" class="px-4 py-2 bg-red-600 text-white rounded hover:bg-red-700">
                     Confirm
                 </button>